CompTIA (CAS-003) Exam Questions And Answers page 3
Ann, a user, brings her laptop to an analyst after noticing it has been operating very slowly. The security analyst examines the laptop and obtains the following output:
Which of the following will the analyst most likely use NEXT?
Vulnerability scanner
Antivirus
Network enumerator
Risk Management
Enterprise Security Operations
An organization is concerned that its hosted web servers are not running the most updated version of software. Which of the following would work BEST to help identify potential vulnerabilities?
hping3 -S comptia.org -p 80
nc -1 -v comptia.org -p 80
nmap comptia.org -p 80 -sV
nslookup -port=80 comptia.org
Risk Management
Enterprise Security Operations
A large enterprise with thousands of users is experiencing a relatively high frequency of malicious activity from insider threats. Much of the activity appears to involve internal reconnaissance that results in targeted attacks against privileged users and network file shares. Given this scenario, which of the following would MOST likely prevent or deter these attacks? (Choose two.)
Conduct role-based training for privileged users that highlights common threats against them and covers best practices to thwart attacks
Increase the frequency at which host operating systems are scanned for vulnerabilities, and decrease the amount of time permitted between vulnerability identification and the application of corresponding patches
Enforce command shell restrictions via group policies for all workstations by default to limit which native operating system tools are available for use
Modify the existing rules of behavior to include an explicit statement prohibiting users from enumerating user and file directories using available tools and/or accessing visible resources that do not directly pertain to their job functions
For all workstations, implement full-disk encryption and configure UEFI instances to require complex passwords for authentication
Implement application blacklisting enforced by the operating systems of all machines in the enterprise
Risk Management
Enterprise Security Operations
A small company is implementing a new technology that promises greater performance but does not abide by accepted RFCs. Which of the following should the company do to ensure the risks associated with implementing the standard-violating technology are addressed?
Document the technology's differences in a system security plan.
Require the vendor to provide justification for the product's deviation.
Increase the frequency of vulnerability scanning of all systems using the technology.
Block the use of non-standard ports or protocols to and from the system.
Risk Management
Risk Management
Given the following output from a local PC:
Which of the following ACLs on a stateful host-based firewall would allow the PC to serve an intranet website?
Allow 172.30.0.28:80 -> ANY
Allow 172.30.0.28:80 -> 172.30.0.0/16
Allow 172.30.0.28:80 -> 172.30.0.28:443
Allow 172.30.0.28:80 -> 172.30.0.28:53
Enterprise Security Architecture
Enterprise Security Operations
A large, public university has recently been experiencing an increase in ransomware attacks against computers connected to its network. Security engineers have discovered various staff members receiving seemingly innocuous files in their email that are being run. Which of the following would BEST mitigate this attack method?
Improving the organization's email filtering
Conducting user awareness training
Upgrading endpoint anti-malware software
Enabling application whitelisting
Risk Management
Enterprise Security Operations
A team is at the beginning stages of designing a new enterprise-wide application. The new application will have a large database and require a capital investment in hardware. The Chief Information Officer (CIO) has directed the team to save money and reduce the reliance on the datacenter, and the vendor must specialize in hosting large databases in the cloud. Which of the following cloud-hosting options would BEST meet these needs?
Multi-tenancy SaaS
Hybrid IaaS
Single-tenancy PaaS
Community IaaS
Risk Management
Enterprise Security Operations
While standing up a proof-of-concept solution with a vendor, the following direction was given for connections to the different environments:
Which of the following is being used to secure the three environments from overlap if all of them reside on separate servers in the same DMZ?
Separation of environments policy
Logical access controls
Segmentation of VLANs
Subnetting of cloud environments
Risk Management
Enterprise Security Operations
After the departure of a developer under unpleasant circumstances, the company is concerned about the security of the software to which the developer has access. Which of the following is the BEST way to ensure security of the code following the incident?
Hire an external red team to conduct black box testing
Conduct a peer review and cross reference the SRTM
Perform white-box testing on all impacted finished products
Perform regression testing and search for suspicious code
Risk Management
Enterprise Security Operations
A network engineer is attempting to design-in resiliency characteristics for an enterprise network's VPN services.
If the engineer wants to help ensure some resilience against zero-day vulnerabilities exploited against the VPN implementation, which of the following decisions would BEST support this objective?
Implement a reverse proxy for VPN traffic that is defended and monitored by the organization's SOC with near-real-time alerting to administrators.
Subscribe to a managed service provider capable of supporting the mitigation of advanced DDoS attacks on the enterprise's pool of VPN concentrators.
Distribute the VPN concentrators across multiple systems at different physical sites to ensure some backup services are available in the event of primary site loss.
Employ a second VPN layer concurrently where the other layer's cryptographic implementation is sourced from a different vendor.
Risk Management
Enterprise Security Operations